The most sensational event in the circle these days is probably the DEXX incident.
I don't know much about this platform; I just saw many people defending their rights on Twitter, so I searched online for relevant reports and learned about this platform's gameplay.
This is a platform similar to a bot trading platform, and the main targets of trading on the platform are various meme coins. The platform uses bots to allow users to trade tokens automatically for profit.
Although I have not participated in this platform, I have tried similar gameplay - I participated in a trading bot on TON.
When I opened this bot, it prompted me to give it the private key of my account, then it could help me trade automatically.
As soon as I saw it wanted my private key, I immediately closed this bot and no longer pay attention to any such applications.
The reason I closed it is very simple: I do not participate in any application that requires me to give up my private key, no matter how enticing its claims are.
According to the current information from multiple comparisons, the assets stolen from users in this incident reached tens of millions or even hundreds of millions of dollars.
Although the truth of the incident is still under further investigation, the increasing number of revealed details allows us to see the issues reflected by the incident:
Security issues caused by centralized custody of private keys.
The security issues of crypto assets are almost a perennial topic within the ecosystem. Such security incidents occur at least once every year.
The basic reasons for the incidents can be boiled down to the following three points:
- Using high returns as bait
- Users exposing private keys
- Poor management of private keys.
Among the many security incidents, their forms of manifestation will not be identical; they always appear in new ways, but upon careful examination, their essence is the same.
In the DEXX incident, referrers who participated could earn high commissions, the profits promoted by the platform were very enticing, players participating in the platform had to give their private keys, and the platform's management of their private keys was centralized.
All these problems have occurred.
For such applications, there will always be players with this kind of fluke mentality:
I only put a little money in to play, and when I make money, I'll stop, and I can safely withdraw completely.
This idea is beautiful, but in reality, most people can't stop themselves when it comes to actual operation.
Even if a small amount of capital enters to play at first, once high returns are obtained, people will not think of stopping, nor will they think of withdrawing completely. At this point, people's hearts will swell, only thinking of using more money to seek greater profits, and the various precautions set in their minds beforehand will be eliminated one by one.
Therefore, once a final incident occurs, the losses incurred by users will certainly be substantial amounts.
In this incident, the users who participated in defending their rights and exposing losses online suffered significant amounts of losses.
Many users also mentioned that they reported to the police and filed cases.
In our country, transactions related to crypto assets are very sensitive issues, inherently a gray area legally. In this case, how the police will handle such cases is hard to say, and even if they do handle it, it may drag out other troublesome matters.
So for retail investors like us, engaging in various activities in this field, the only ones who can truly protect our interests are ourselves.
We must take the security of our crypto assets seriously ourselves, rather than entrusting security to others.
Moreover, isn't the original intention of blockchain technology to hope that each user can control their private keys and firmly grasp their assets?
I think similar incidents will happen in the future; every time such an incident occurs, users will incur losses. If new users entering this field suffer due to lack of experience, that may be understandable, but seasoned users who have been in this field for several years should deeply reflect on themselves if they fall victim.
I always believe that in the crypto ecosystem, security is always the top priority. Any tempting benefits without guaranteed security are just illusions.